Epiphany AI (“we,” “us,” or “our”) is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.
Account Information: When you create an account, we collect your name, email address, company name, phone number, and other registration details.
Chatbot Conversations: We process and store chatbot conversation data to provide the Service, capture leads, and improve chatbot responses.
Lead Data: Contact information voluntarily provided by website visitors through chatbot interactions, including name, email, and phone number.
CRM Integration Data: When you connect third-party CRM services, we process contact and opportunity data as necessary to facilitate the integration.
Usage Data: We collect information about how you interact with the Service, including page views, feature usage, and session data.
We use your information to: (a) provide, maintain, and improve the Service; (b) process and manage leads captured by chatbots; (c) facilitate CRM integrations you have authorized; (d) send notifications you have opted into; (e) respond to support requests; and (f) comply with legal obligations.
We do not sell your personal data. We may share data with: (a) third-party services you explicitly connect (e.g., CRM platforms) to fulfill the integration; (b) service providers who assist in operating the platform under strict confidentiality agreements; (c) law enforcement when required by law or to protect our rights.
We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, secure authentication mechanisms, multi-factor authentication support, role-based access controls, and audit logging of data access. For organizations with healthcare compliance needs, we offer additional PHI encryption and anonymization features.
We retain your data for as long as your account is active or as needed to provide the Service. Organizations may configure custom data retention periods. Upon account termination, we will delete or anonymize your data within a reasonable timeframe, unless retention is required by law.
When you authorize third-party integrations (such as CRM systems), data is shared with those services according to their own privacy policies. We encourage you to review the privacy practices of any third-party service you connect. You may disconnect integrations at any time through the admin panel.
Depending on your jurisdiction, you may have the right to: (a) access the personal data we hold about you; (b) request correction of inaccurate data; (c) request deletion of your data; (d) object to or restrict processing of your data; and (e) receive a copy of your data in a portable format. To exercise these rights, contact our support team.
The Service uses essential cookies for authentication and session management. We do not use third-party advertising cookies. The embeddable chat widget operates within a sandboxed iframe and does not track visitors across websites.
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.
We may update this Privacy Policy from time to time. We will notify users of material changes by posting the updated policy on this page with a revised “Last updated” date.
For questions about this Privacy Policy or our data practices, please contact our support team.